[CRITICAL] baserCMS has OS command injection vulnerability in installer

PKSA-9wbk-k4bx-zvqq CVE-2026-30880 GHSA-6hpg-8rx3-cwgv

Affected package: baserproject/basercms

Affected version: <=5.2.2

Reported by:
GitHub